Hi, Jesús JM.
What you're talking about is called "authorization". Normally, authorization decisions are enforced by **the end service itself**, so it's not something Gluu Service can be responsible for. Usually, you just release some role attribute for each of your users, and your service will either grant or deny access based on its value. So for your developer users "role" attribute will contain "developer", and for customers it will be "customer".
There is also option to utilize [UMA](https://gluu.org/docs/ce/3.1.4/admin-guide/uma/) which allows to delegate authorization decision taking to Gluu Server, but it may be an overkill for a simple setup like yours, and will require additional implementation overhead.